Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-22_8d7d5a8e7b457d66a06d6336838db54f_icedid.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: 2024-04-22_8d7d5a8e7b457d66a06d6336838db54f_icedid.exe
  Resource: win10v2004-20240412-en

General
- Target: 2024-04-22_8d7d5a8e7b457d66a06d6336838db54f_icedid
- Size: 2.2MB
- MD5: 8d7d5a8e7b457d66a06d6336838db54f
- SHA1: 877a4d1e37d749335c376a1f1fb667d67b696274
- SHA256: a4e6ab4f77d4aa07f96c9ac687aa1bddac299bb15728b4cab03488f8da994090
- SHA512: c6ae5654daf9fa07ad5beaef7fad4671df0f7b86ee7566288c7f899edeb2010022b2a09f7465764d3e15a5c32ed4d9ed5bde8223f4b9f01b64e74dc8b238e8d1
- SSDEEP: 24576:wE3wxhliwEHwBJg23BsdkOxCKm5M04FD2R4OxfyeEhHFVRlUMv3o4PNt+v59T993:1CfU1O6D2seoHFVfTPFt+vvTLAgRT

Malware Config

Signatures
- Unsigned PE 1 IoCs
  Checks for missing Authenticode signature.
  resource 2024-04-22_8d7d5a8e7b457d66a06d6336838db54f_icedid

Files
- 2024-04-22_8d7d5a8e7b457d66a06d6336838db54f_icedid.exe windows:4 windows x86 arch:x86
  5a678542fbec8592cb0ef2bfad96c004

Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\builds\gv\dev\bsb\8-6-8\global vision 8\admin. support\gvfinger\release\GvFinger.pdb
Imports
kernel32
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
GetTimeFormatA
GetDateFormatA
LCMapStringA
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
GetExitCodeProcess
CreateProcessW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
VirtualAlloc
HeapSize
ExitProcess
HeapReAlloc
CreateThread
ExitThread
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
RaiseException
RtlUnwind
GetStartupInfoW
GetProcessHeap
HeapAlloc
HeapFree
GetTempFileNameW
GetFileTime
GetFileAttributesW
SetErrorMode
WritePrivateProfileStringW
GlobalFlags
LocalReAlloc
GlobalHandle
GlobalReAlloc
LocalAlloc
GetFullPathNameW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrlenA
GetModuleHandleA
CreateEventW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
CompareStringA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetVersionExA
SetLastError
CopyFileW
lstrlenW
InterlockedCompareExchange
MulDiv
GlobalUnlock
GlobalFree
FreeResource
FindFirstFileW
FindNextFileW
FindClose
GetSystemDirectoryA
FormatMessageW
LocalFree
GetCurrentThread
SetThreadPriority
GetTickCount
DuplicateHandle
WaitForMultipleObjects
ResetEvent
SetEvent
InterlockedExchange
WriteFile
ReadFile
GetFileSize
SetFilePointer
VirtualQuery
lstrcpyW
GetSystemDefaultLCID
GetUserDefaultLCID
GlobalMemoryStatus
GetComputerNameW
GetVolumeInformationW
GetSystemInfo
GetVersionExW
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcessId
GetCurrentProcess
DeleteFileW
GetModuleFileNameW
SetUnhandledExceptionFilter
LoadLibraryW
CreateFileW
GetModuleHandleW
GetLastError
VirtualProtect
FreeLibrary
GetLocaleInfoW
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
FileTimeToLocalFileTime
GetLocalTime
GetSystemTime
SystemTimeToFileTime
FileTimeToSystemTime
InitializeCriticalSectionAndSpinCount
CreateSemaphoreW
ReleaseSemaphore
WaitForSingleObject
CloseHandle
TlsAlloc
TlsFree
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
TlsGetValue
TlsSetValue
GetSystemTimeAsFileTime
LoadLibraryA
GetProcAddress
GetCurrentThreadId
GlobalAlloc
GlobalSize
GlobalLock
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
FindResourceW
LoadResource
LockResource
LCMapStringW
SizeofResource
GetTempPathW
user32
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetKeyState
IsWindowVisible
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
ScreenToClient
EqualRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuState
SetMenuItemBitmaps
GetMenuItemID
GetMenuItemCount
GetWindowTextW
UnregisterClassA
LoadStringW
EnableWindow
SendMessageW
PostMessageW
TranslateAcceleratorW
GetWindowDC
SetWindowLongW
SetWindowPos
MapDialogRect
GetDialogBaseUnits
GetWindowLongW
AdjustWindowRectEx
MoveWindow
IsCharAlphaW
GetSysColor
RedrawWindow
ReleaseDC
GetDC
GetTabbedTextExtentW
FrameRect
FillRect
PtInRect
CopyRect
GetForegroundWindow
FindWindowW
GetWindowThreadProcessId
AttachThreadInput
GetParent
GetWindowRect
DrawFocusRect
InflateRect
SetRectEmpty
LoadCursorW
SetCursor
SetForegroundWindow
BringWindowToTop
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetFocus
UpdateWindow
MessageBoxW
PostThreadMessageW
MsgWaitForMultipleObjects
IsDialogMessageW
DrawTextExW
SetWindowTextW
ShowWindow
IsWindowEnabled
DispatchMessageW
PeekMessageW
CheckDlgButton
SetDlgItemTextW
DrawIcon
AppendMenuW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetActiveWindow
GetDesktopWindow
EnableMenuItem
GetSubMenu
LoadMenuW
SetMenu
GetSystemMenu
IsIconic
GetClientRect
InvalidateRect
LoadIconW
GetSystemMetrics
GetCursorPos
LoadAcceleratorsW
TranslateMessage
PostQuitMessage
ValidateRect
GetMessageW
SetWindowContextHelpId
DestroyMenu
TabbedTextOutW
RegisterClipboardFormatW
UnregisterClassW
GetNextDlgGroupItem
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
CharNextW
SetRect
MessageBeep
ReleaseCapture
SetCapture
DrawTextW
CharUpperW
EndPaint
BeginPaint
ClientToScreen
GrayStringW
GetWindowTextLengthW
GetSysColorBrush
gdi32
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetMapMode
GetTextMetricsW
GetBkColor
GetTextColor
GetRgnBox
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
ExtTextOutW
BitBlt
CreateCompatibleDC
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CopyMetaFileW
GetDeviceCaps
SelectObject
CreateSolidBrush
GetTextExtentPoint32W
GetStockObject
GetObjectW
CreateFontIndirectW
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
CryptGetHashParam
RegQueryValueExA
RegOpenKeyExA
RegSetValueExW
RegOpenKeyExW
RegConnectRegistryW
RegCreateKeyExW
RegQueryValueExW
RegEnumValueW
RegEnumKeyExW
GetUserNameW
CryptDestroyKey
CryptGenKey
CryptReleaseContext
CryptAcquireContextW
CryptEncrypt
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegCloseKey
CryptGetProvParam
CryptGenRandom
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptDestroyHash
CryptExportKey
CryptGetKeyParam
CryptImportKey
CryptDecrypt
shell32
ShellExecuteW
comctl32
ord17
shlwapi
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathIsDirectoryW
PathIsUNCW
wininet
InternetQueryOptionW
rpcrt4
UuidToStringW
RpcStringFreeW
oledlg
OleUIBusyW
ole32
OleInitialize
CoCreateGuid
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CLSIDFromProgID
CoRegisterMessageFilter
OleSetClipboard
OleFlushClipboard
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CLSIDFromString
OleIsCurrentClipboard
oleaut32
SysStringLen
VariantChangeTypeEx
VariantInit
VariantClear
VarDateFromStr
VariantChangeType
SysAllocStringLen
VarUdateFromDate
VarBstrFromDate
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
SysAllocString
ws2_32
gethostbyaddr
getservbyname
gethostbyname
bind
inet_addr
getsockname
WSAAddressToStringW
WSAAccept
getservbyport
ntohs
inet_ntoa
htonl
htons
getsockopt
setsockopt
WSACloseEvent
WSAEnumNetworkEvents
WSAAsyncSelect
WSAResetEvent
WSAEventSelect
WSAWaitForMultipleEvents
WSASetEvent
WSACreateEvent
closesocket
shutdown
ntohl
getpeername
WSAGetLastError
WSAStartup
WSACleanup
WSASetLastError
WSAEnumProtocolsW
WSASocketW
listen
connect
WSAConnect
ioctlsocket
WSAIoctl
send
WSASend
sendto
WSASendTo
recv
WSARecv
recvfrom
WSARecvFrom
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
urlmon
URLDownloadToFileW
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 304KB - Virtual size: 303KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 58KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 446KB - Virtual size: 445KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ